Control

using Invoke-Command -Computer Fidelity -ScriptBlock in the ps script

Gives error as winrm cannot process the request.

What am I doing wrong… any nudges please…!!

@rootsh3llz said:

using Invoke-Command -Computer Fidelity -ScriptBlock in the ps script

Gives error as winrm cannot process the request.

What am I doing wrong… any nudges please…!!

I’m seeing similar issues with a range of PS commands that I know work. Depending on how you are running them, maybe it’s related to a limited shell? (At least I think my issues are)

edit: took me more than a few minutes of head scratching… don’t be dense like me and overlook your notes :slight_smile:

Just rooted! Thanks for the very interesting machine!
Hints:

user: after enumeration the popular sql tool can help you.

root: enum your user. Windows updates can help you.

Feel free to PM me for help.

Looking for a nudge on the initial foothold. aikigage#8174 on Discord.

Update: Appreciate the nudge @cY83rR0H1t

Ok, feel a little silly asking this. I know how I am supposed to access the admin page; header and source spotted when first enumerating. Sadly I don’t know what to change so that admin.php sees the request as coming from the destination it is supposed to. Can someone please give me a nudge and either point me at a document which will explain (I have googled lots and lots) or give me a clue.

@flymomike said:

Ok, feel a little silly asking this. I know how I am supposed to access the admin page; header and source spotted when first enumerating. Sadly I don’t know what to change so that admin.php sees the request as coming from the destination it is supposed to. Can someone please give me a nudge and either point me at a document which will explain (I have googled lots and lots) or give me a clue.

NVM - all sorted now Thx @TazWake for the nudge. Got user creds just need to work out how to use them.

Just rooted this box. Took me quite a while, but learned so much. For anyone still having issues with root, I would recommend doing (or looking back on) getting root for Remote; the technique is similar (in the end at least), with a few minor changes. For anyone having issues identifying what to “target”, look back on @TazWake’s and @syn4ps’s posts; these led me on the right path.

Amazing box, I have learned so much. It was difficult but the effort was worth it. The end of Multimaster is what definitely helped me to get root.

@ComandanteRed said:
I found the injection point and I used sm to extract some data, including users and a password that I have no use for right now (maybe it will be useful later?).
If I try the same tool to upload something, I always get an error regarding potential permission problems.

I’m stuck here, any nudge would be appreciated

I was just typing type root.txt when someone reset the box… FML

@Brogramm3r it says access denied first but it will perform time-based and then it will write the file to the location… I hope you are writing the file to the web-root directory instead of somewhere else…

Finally got root on this one just after it was retired (didn’t look at any write ups though).

I don’t really like how I ended up doing it though, as the service I used could only be started and not stopped. So if I’d made a mistake on the first attempt, or if someone else already started the service, I would have been screwed. There must be a better way of doing this that the author intended… If anyone found it could you satisfy my curiosity and let me know via PM (or I guess spoilers might be allowed in here now the box is retired?)

@VbScrub said:

If anyone found it could you satisfy my curiosity and let me know via PM (or I guess spoilers might be allowed in here now the box is retired?)

As far as I know, I did it the same way you did - and may well have had problems if other people were attacking at the same time as me.

The writeups have some interesting approaches - the “official” one by egre55 is pretty awesome and many orders of magnitude more detailed than my approach. A couple of the other write-ups use different services but I don’t think any of them really solve the problem you’ve mentioned.